#VU103585 NULL pointer dereference in Linux kernel - CVE-2025-21675

Cybersecurity Help s.r.o.

Published: 2025-02-04

Vulnerability identifier: #VU103585

Vulnerability risk: Low

CVSSv4.0: 1.7 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:U/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2025-21675

CWE-ID: CWE-476

Exploitation vector: Local

Exploit availability: No

Vulnerable software:
Linux kernel
Operating systems & Components / Operating system

Vendor: Linux Foundation

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the mlx5_lag_port_sel_create() and mlx5_destroy_ttc_table() functions in drivers/net/ethernet/mellanox/mlx5/core/lag/port_sel.c. A local user can perform a denial of service (DoS) attack.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Linux kernel: All versions

External links
https://git.kernel.org/stable/c/1f6e619ef2a4def555b14ac2aeb4304bfccad59b
https://git.kernel.org/stable/c/473bc285378f49aa27e5b3e95a6d5ed12995d654
https://git.kernel.org/stable/c/5641e82cb55b4ecbc6366a499300917d2f3e6790
https://git.kernel.org/stable/c/efc92a260e23cf9fafb0b6f6c9beb6f8df93fab4

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for the Linux Kernel

Debian update for linux

NULL pointer dereference in Linux kernel core lag driver